08-17-2019
In addition to which operating system you are dealing with (as asked by Neo), can you please tell us what problem you are trying to solve.
The basic concept of any operating system kernel includes security in that, upon a new installation, a single superuser ('root' on Unix/Linux and 'administrator' on Windows) has ultimate control. Unless the superuser "gives away" access rights nobody else can just take them. If rights are given away (e.g. via sudoers file) they can always be rescinded by the superuser. What are you trying to do here?
10 More Discussions You Might Find Interesting
1. UNIX for Dummies Questions & Answers
All,
I want to run a non-root script as the root user with non-root environment variables with crontab. The non-root user would have environment variables for database access such as Oracle or Sybase. The root user does not have the Oracle or Sybase enviroment variables. I thought you could do... (2 Replies)
Discussion started by: bubba112557
2 Replies
2. Solaris
Hello All,
I need your help to know how i can give regular user ALL root privileges.
If there is any way pleas help me :)
Regards,
Ahmad (7 Replies)
Discussion started by: ahmad_one
7 Replies
3. Solaris
Hi Friends,
I would like to block the root user for doing ftp. As I am aware that I need to put the entry for root in /etc/ftpusers.....am I right...??? But I am not able to edit the file & even more command is not working.
#ls -l ftp*
total 14
-rw-r--r-- 1 root sys 1249 Jun... (3 Replies)
Discussion started by: jumadhiya
3 Replies
4. Linux
We are intending to protect a set of user specified files using LVM mirroring where the protected space on which the user files are stored is mirrored on an LV on a different disk. Our problem is that for a user with a custom layout has installed linux with 2 partitons for swap and / and there is... (0 Replies)
Discussion started by: kickdgrass
0 Replies
5. Solaris
Can anyone please tell how to give root privilege to a normal user in solaris 10? (5 Replies)
Discussion started by: nicktrix
5 Replies
6. Red Hat
Friends ,
i want to run my smtp service as a root .
let me know what r the changes i have to made to my machine .
AVklinux (1 Reply)
Discussion started by: avklinux
1 Replies
7. UNIX for Dummies Questions & Answers
Hi,
I use a nomachine terminal to access KDE desktop(redhat linux enterprise) on a server. Is there any way to get the mouse wheel to work without root privilege ?
I have a usb mouse connected to a nomachine terminal,most likely the mouse wheel problem is not the problem of nomachine, but... (1 Reply)
Discussion started by: grossgermany
1 Replies
8. AIX
How to block the root user login in system direct console. Users should login with non-root ids themselves and then use the su command to become root. Which configuration file i need to check and disable it. (5 Replies)
Discussion started by: kmvinay
5 Replies
9. UNIX for Advanced & Expert Users
Hi all,
actually my scenario is we are running a webserver using apache-tomcat in that our client uploading resumes, so that particular space we are allowed to upload
for that we are running java in root permission, so even we changed the particular folder permission also inside the Webapps but... (1 Reply)
Discussion started by: anishkumarv
1 Replies
10. Solaris
Hi All
After downloading ZFS documentation from oracle site, I am able to successfully migrate UFS root FS without zones to ZFS root FS. But in case of UFS root file system with zones , I am successfully able to migrate global zone to zfs root file system but zone are still in UFS root file... (2 Replies)
Discussion started by: sb200
2 Replies
LEARN ABOUT NETBSD
secmodel_extensions
SECMODEL_EXTENSIONS(9) BSD Kernel Developer's Manual SECMODEL_EXTENSIONS(9)
NAME
secmodel_extensions -- Extensions security model
DESCRIPTION
secmodel_extensions implements extensions to the traditional security model based on the original 4.4BSD. They can be used to grant addi-
tional privileges to ordinary users, or enable specific security measures like curtain mode.
The extensions are described below.
Curtain mode
When enabled, all returned objects will be filtered according to the user-id requesting information about them, preventing users from access-
ing objects they do not own.
It affects the output of many commands, including fstat(1), netstat(1), ps(1), sockstat(1), and w(1).
This extension is enabled by setting security.models.extensions.curtain or security.curtain sysctl(7) to a non-zero value.
It can be enabled at any time, but cannot be disabled anymore when the securelevel of the system is above 0.
Non-superuser mounts
When enabled, it allows file-systems to be mounted by an ordinary user who owns the point node and has at least read access to the special
device mount(8) arguments. Note that the nosuid and nodev flags must be given for non-superuser mounts.
This extension is enabled by setting security.models.extensions.usermount or vfs.generic.usermount sysctl(7) to a non-zero value.
It can be disabled at any time, but cannot be enabled anymore when the securelevel of the system is above 0.
Non-superuser control of CPU sets
When enabled, an ordinary user is allowed to control the CPU affinity(3) of the processes and threads he owns.
This extension is enabled by setting security.models.extensions.user_set_cpu_affinity sysctl(7) to a non-zero value.
It can be disabled at any time, but cannot be enabled anymore when the securelevel of the system is above 0.
SEE ALSO
affinity(3), sched(3), sysctl(7), kauth(9), secmodel(9), secmodel_bsd44(9), secmodel_securelevel(9), secmodel_suser(9)
AUTHORS
Elad Efrat <elad@NetBSD.org>
BSD
December 3, 2011 BSD